Gitlab: Difference between revisions

(2 intermediate revisions by 2 users not shown)

Line 5:

== Installation ==

~~A minimal local installation of Gitlab might look like this~~

=== Generate Secrets ===

sudo install -d -m 0700 /var/lib/gitlab/secrets

sudo sh -c 'openssl rand -hex 32 > /var/lib/gitlab/secrets/activeRecordPrimaryKey'

sudo sh -c 'openssl rand -hex 32 > /var/lib/gitlab/secrets/activeRecordDeterministicKey'

sudo sh -c 'openssl rand -hex 32 > /var/lib/gitlab/secrets/activeRecordSalt'

sudo chown -R gitlab:gitlab /var/lib/gitlab/secrets

sudo chmod 700 /var/lib/gitlab/secrets

sudo chmod 0600 /var/lib/gitlab/secrets/*

</syntaxhighlight>

<~~syntaxHighlight~~ lang="nix">

=== Nix Configuration ===

services.gitlab = {

<syntaxhighlight lang="nix">services.gitlab = {

enable = true;

databasePasswordFile = pkgs.writeText "dbPassword" "zgvcyfwsxzcwr85l";

Line 17:

Line 26:

dbFile = pkgs.writeText "dbsecret" "we2quaeZ";

jwsFile = pkgs.runCommand "oidcKeyBase" {} "${pkgs.openssl}/bin/openssl genrsa 2048 > $out";

activeRecordPrimaryKeyFile = "/var/lib/gitlab/secrets/activeRecordPrimaryKey";

activeRecordDeterministicKeyFile = "/var/lib/gitlab/secrets/activeRecordDeterministicKey";

activeRecordSaltFile = "/var/lib/gitlab/secrets/activeRecordSalt";

};

Line 32:

Line 44:

services.openssh.enable = true;

systemd.services.gitlab-backup.environment.BACKUP = "dump";

systemd.services.gitlab-backup.environment.BACKUP = "dump";</syntaxhighlight>

</~~syntaxHighlight~~>

After applying the configuration head to http://localhost and login with username <code>root</code> and the password specified in <code>initialRootPasswordFile</code>.

Line 162:

Line 173:

* [[Gitea]], a web app, Git development repository and project management.

* [[Forgejo]], a web application offers Git development repositories and project management. Community fork of Gitea.

[[Category:Server]]

[[Category:Web Applications]]

[[Category:NixOS Manual]]

@@ Line 5: / Line 5: @@
 == Installation ==
-A minimal local installation of Gitlab might look like this
+=== Generate Secrets ===
+<syntaxhighlight lang="bash">
+sudo install -d -m 0700 /var/lib/gitlab/secrets
+sudo sh -c 'openssl rand -hex 32 > /var/lib/gitlab/secrets/activeRecordPrimaryKey'
+sudo sh -c 'openssl rand -hex 32 > /var/lib/gitlab/secrets/activeRecordDeterministicKey'
+sudo sh -c 'openssl rand -hex 32 > /var/lib/gitlab/secrets/activeRecordSalt'
+sudo chown -R gitlab:gitlab /var/lib/gitlab/secrets
+sudo chmod 700 /var/lib/gitlab/secrets
+sudo chmod 0600 /var/lib/gitlab/secrets/*
+</syntaxhighlight>
-<syntaxHighlight lang="nix">
+=== Nix Configuration ===
-services.gitlab = {
+<syntaxhighlight lang="nix">services.gitlab = {
    enable = true;
    databasePasswordFile = pkgs.writeText "dbPassword" "zgvcyfwsxzcwr85l";
@@ Line 17: / Line 26: @@
      dbFile = pkgs.writeText "dbsecret" "we2quaeZ";
      jwsFile = pkgs.runCommand "oidcKeyBase" {} "${pkgs.openssl}/bin/openssl genrsa 2048 > $out";
+    activeRecordPrimaryKeyFile       = "/var/lib/gitlab/secrets/activeRecordPrimaryKey";
+    activeRecordDeterministicKeyFile = "/var/lib/gitlab/secrets/activeRecordDeterministicKey";
+    activeRecordSaltFile             = "/var/lib/gitlab/secrets/activeRecordSalt";
    };
 };
@@ Line 32: / Line 44: @@
 services.openssh.enable = true;
-systemd.services.gitlab-backup.environment.BACKUP = "dump";
+systemd.services.gitlab-backup.environment.BACKUP = "dump";</syntaxhighlight>
-</syntaxHighlight>
 After applying the configuration head to http://localhost and login with username <code>root</code> and the password specified in <code>initialRootPasswordFile</code>.
@@ Line 162: / Line 173: @@
 * [[Gitea]], a web app, Git development repository and project management.
+* [[Forgejo]], a web application offers Git development repositories and project management. Community fork of Gitea.
 [[Category:Server]]
 [[Category:Web Applications]]
 [[Category:NixOS Manual]]